add:create cleanify into utils modules #75

Merged
merged 5 commits into from
Dec 12, 2023
Changes from 2 commits
7 changes: 7 additions & 0 deletions CHANGES.rst
Expand Up @@ -6,6 +6,13 @@ Changelog

Release date: -

0.5.2
-----

Release date: 2023/12/09
Member

No need to add a specific date here, I will update it when I make the new release.

Suggested change
- Release date: 2023/12/09
+ Release date: N/A


- add ``cleanify`` function to ``flask_ckeditor.utils``
Member

Suggested change
- - add ``cleanify`` function to ``flask_ckeditor.utils``
+ - Add ``cleanify`` function to ``flask_ckeditor.utils`` for HTML sanity.



0.5.1
-----
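Review bot: The 0.5.2 entry should say that ``cleanify`` needs the ``bleach`` package to be installed, because `flask_ckeditor/utils.py` imports it inside a `try`/`except ImportError` and only warns when it is absent. Appending something like "(requires ``bleach``)" to the bullet tells readers of the changelog why the function may be unavailable.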
24 changes: 23 additions & 1 deletion flask_ckeditor/utils.py
@@ -1,8 +1,13 @@
import os
import uuid

import warnings
from flask import url_for

try:
import bleach
except ImportError:
warnings.warn('bleach is not installed,`cleanify` function will not be available')

Codecov / codecov/patch: Check warning on line 9 in flask_ckeditor/utils.py (flask_ckeditor/utils.py#L8-L9). Added lines #L8 - L9 were not covered by tests.
Member

Suggested change
- warnings.warn('bleach is not installed,`cleanify` function will not be available')
+ warnings.warn('The "bleach" library is not installed, `cleanify` function will not be available.')



def get_url(endpoint_or_url):
if endpoint_or_url.startswith(('https://', 'http://', '/')):
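Review bot: In the `except ImportError:` branch the name `bleach` is left unbound, so a later call to `cleanify()` fails with a `NameError` instead of an error that names the missing dependency. Consider binding `bleach = None` there and having `cleanify` raise a `RuntimeError` with an install hint when it is `None`. The module-level `warnings.warn` also fires for every application that imports `flask_ckeditor.utils` without ever calling `cleanify`; moving the message into the function avoids that and lets a test reach the branch Codecov reports as uncovered.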
Expand All @@ -15,3 +20,20 @@
ext = os.path.splitext(old_filename)[1]
new_filename = uuid.uuid4().hex + ext
return new_filename


def cleanify(text, *, allow_tags=None):
"""clean the input from client, this function rely on bleach,


Args:
Member

Use the docstring style that matches the existing code.

text (str): input
allow_tags (Iterable[str], optional): if you don't want to use default `allow_tags`
you can provide a Iterable which include html tag string like ['a', 'li',...]
"""
if allow_tags:
return bleach.linkify(bleach.clean(text, tags=allow_tags))
default_allowed_tags = {'a', 'abbr', 'b', 'blockquote', 'code',
'em', 'i', 'li', 'ol', 'pre', 'strong', 'ul',
'h1', 'h2', 'h3', 'h4', 'h5', 'p'}
return bleach.linkify(bleach.clean(text, tags=default_allowed_tags))
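Review bot: `if allow_tags:` treats an empty iterable the same as `None`, so a caller who passes `allow_tags=[]` to have every tag escaped silently gets the full default allowlist, `a` and the headings included. For a sanitizer that fallback should be explicit: test `allow_tags is not None` (an `or` fallback has the same truthiness problem) and state in the docstring that an empty iterable means no tags are allowed. The docstring should also say that only tags are configurable here and that attributes and URL schemes are left to the defaults of `bleach.clean`, since no `attributes` or `protocols` argument is passed.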
Member

You can simplify the code to this:

Suggested change
- if allow_tags:
- return bleach.linkify(bleach.clean(text, tags=allow_tags))
- default_allowed_tags = {'a', 'abbr', 'b', 'blockquote', 'code',
- 'em', 'i', 'li', 'ol', 'pre', 'strong', 'ul',
- 'h1', 'h2', 'h3', 'h4', 'h5', 'p'}
- return bleach.linkify(bleach.clean(text, tags=default_allowed_tags))
+ default_allowed_tags = {'a', 'abbr', 'b', 'blockquote', 'code',
+ 'em', 'i', 'li', 'ol', 'pre', 'strong', 'ul',
+ 'h1', 'h2', 'h3', 'h4', 'h5', 'p'}
+ return bleach.linkify(bleach.clean(text, tags=allow_tags or default_allowed_tags))

Contributor Author

Cool, I got it!

2 changes: 1 addition & 1 deletion requirements/dev.txt
Expand Up @@ -164,7 +164,7 @@ wtforms==3.1.1
# via
# flask-admin
# flask-wtf

bleach==6.1.0
# The following packages are considered to be unsafe in a requirements file:
# pip
# setuptools
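Review bot: `bleach==6.1.0` is appended after the `# via` comments of `wtforms` and carries no `# via` annotation of its own, which suggests this compiled file was edited by hand rather than regenerated. Add `bleach` to the matching `.in` file, as done for `requirements/tests.in`, and recompile so the pin and anything it pulls in are recorded consistently; the same applies to `requirements/tests.txt`.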
1 change: 1 addition & 0 deletions requirements/example.txt
Expand Up @@ -48,3 +48,4 @@ wtforms==3.1.1
# via
# flask-admin
# flask-wtf

1 change: 1 addition & 0 deletions requirements/tests.in
Expand Up @@ -5,3 +5,4 @@ flask-wtf
flask-admin
flask-sqlalchemy
tablib
bleach
1 change: 1 addition & 0 deletions requirements/tests.txt
Expand Up @@ -61,3 +61,4 @@ wtforms==3.1.1
# via
# flask-admin
# flask-wtf
bleach==6.1.0
43 changes: 43 additions & 0 deletions test_flask_ckeditor.py
Expand Up @@ -14,6 +14,7 @@
from flask_wtf import FlaskForm, CSRFProtect

from flask_ckeditor import CKEditorField, _CKEditor, CKEditor, upload_success, upload_fail
from flask_ckeditor.utils import cleanify


class CKEditorTestCase(unittest.TestCase):
Expand Down Expand Up @@ -287,6 +288,48 @@ def test_upload_fail(self):
{'uploaded': 0, 'error': {'message': 'new error message'}}
)

def test_cleanify_input_js(self):
input = 'an <script>evil()</script> example'
clean_ouput = cleanify(input)
self.assertEqual(clean_ouput,
u'an &lt;script&gt;evil()&lt;/script&gt; example')

def test_cleanify_input_url(self):
input = 'abc http://example.com def'
clean_output = cleanify(input)
self.assertEqual(clean_output,
u'abc <a href="http://example.com" rel="nofollow">http://example.com</a> def')

def test_cleanify_by_allow_tags(self):
input = '<b> hello <a> this is a url </a> !</b> <h1> this is h1 </h1>'
clean_out = cleanify(input, allow_tags=['b'])
self.assertEqual(clean_out,
'<b> hello &lt;a&gt; this is a url &lt;/a&gt; !</b> &lt;h1&gt; this is h1 &lt;/h1&gt;')

def test_cleanify_by_default_allow_tags(self):
self.maxDiff = None
input = """<a>xxxxx</a>
<abbr>xxxxx</abbr>
<b>xxxxxxx</b>
<blockquote>xxxxxxx</blockquote>
<code>print(hello)</code>
<em>xxxxx</em>
<i>xxxxxx</i>
<li>xxxxxx</li>
<ol>xxxxxx</ol>
<pre>xxxxxx</pre>
<strong>xxxxxx</strong>
<ul>xxxxxx</ul>
<h1>xxxxxxx</h1>
<h2>xxxxxxx</h2>
<h3>xxxxxxx</h3>
<h4>xxxxxxx</h4>
<h5>xxxxxxx</h5>
<p>xxxxxxxx</p>
"""
clean_out = cleanify(input)
self.assertEqual(clean_out, input)


if __name__ == '__main__':
unittest.main()
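Review bot: The new tests cover tag filtering and URL linkification, but none checks attributes or URL schemes on tags that are allowed, which is the part of an allowlist containing `a` that matters most. Add cases asserting that an event-handler attribute on an allowed tag and a non-HTTP scheme in an `href` do not survive `cleanify`, plus one for the missing-`bleach` path that Codecov flags. Minor: `input` shadows the builtin in all four tests, and `clean_ouput` in `test_cleanify_input_js` is misspelled.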
1 change: 1 addition & 0 deletions tox.ini
Expand Up @@ -10,6 +10,7 @@ deps =
pytest
coverage
flask_wtf
bleach

[testenv:coverage]
commands =